Oracle JD Edwards EnterpriseOne Tools contains a flaw related to the Enterprise Infrastructure SEC (JDENET) sub-component that may allow a remote authenticated attacker to gain unauthorized access to certain user password information via a specially crafted packet.
Remote / Network Access
Loss of Confidentiality
Patch / RCS
Currently, there are no known workarounds or upgrades to correct this issue. However, Oracle has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.